CVE-2025-62725 | docker compose up to 2.40.1 com.docker.compose.extends path traversal (GHSA-gv8h-7v7w-r22q)

A vulnerability identified as critical has been detected in docker compose up to 2.40.1. This impacts an unknown function of the component com.docker.compose.extends/com.docker.compose.envfile. The manipulation leads to path traversal.

This vulnerability is referenced as CVE-2025-62725. Remote exploitation of the attack is possible. No exploit is available.

You should upgrade the affected component.VulDB Recent EntriesRead More